<?php
include ('config.php');
if (isset($_REQUEST['user']))
$benutzer= substr($_POST['user'],0,30);
if (isset($_REQUEST['password']))
$passwort= substr($_POST['password'],0,30);

$a= mysql_query ("select passwort from benutzer where benutzer='$benutzer' and aktiv = 1");
$c= mysql_fetch_row($a);
if (md5($passwort)==$c[0])
{
	exit;
}
else
{
	header("HTTP/1.0 601 Invalid account.");	
}
?>